Configure the Windows Time service on the PDC emulator in the Forest Root Domain
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Configure the Windows Time service (W32time) on the primary domain controller (PDC) emulator operations master (also known as flexible single master operations or FSMO) in the forest root domain when you deploy a new forest root domain or when you move the role of the PDC emulator in the forest root domain to a new domain controller. If you move the role of the PDC emulator to a new domain controller, you must also change the configuration of the Windows Time service on the previous PDC emulator. For more information, see Change the Windows Time service configuration on the previous PDC emulator.
If the PDC emulator for your forest root domain is not configured or if it is unable to synchronize time from an external source, the PDC emulator for the forest logs W32time Event ID 12 in the System log of Event Viewer. For additional troubleshooting information, see Microsoft Knowledge Base article 816042 (http://go.microsoft.com/fwlink/?LinkID=60402)
Before you configure the Windows Time service on the PDC emulator, you can determine the time difference between it and the source as a means to test basic Network Time Protocol (NTP) communication. After completing the configuration on the PDC emulator, be sure to monitor the System log in Event Viewer for W32time errors.
For more information about the w32tm command, type w32tm /? at a command prompt or see Windows Time Service Tools and Settings on the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=42984).
To perform this procedure locally on the PDC emulator, you must be a member of the Administrators group. To perform this procedure from a remote computer, you must be a member of the Domain Admins group.
To configure the Windows Time service on the PDC emulator
Open a Command Prompt.
Type the following command to display the time difference between the local computer and a target computer, and then press ENTER:
w32tm /stripchart /computer:target /samples:n/dataonly
Specifies the Domain Name System (DNS) name or IP address of the NTP server that you are comparing the local computer's time against, for example, time.windows.com.
Specifies the number of time samples that will be returned from the target computer to test basic NTP communication.
Open User Datagram Protocol (UDP) port 123 for outgoing traffic if needed.
Open UDP port 123 (or a different port that you have selected) for incoming NTP traffic.
Type the following command to configure the PDC emulator, and then press ENTER:
w32tm /config /manualpeerlist:peers /syncfromflags:manual /reliable:yes /update
where peers specifies the list of DNS names or IP addresses of the NTP time source that the PDC emulator synchronizes from. For example, you can specify time.windows.com. When specifying multiple peers, use a space as the delimiter and enclose them in quotation marks. For more information about the NTP servers that you can use, see Microsoft Knowledge Base article 262680 (http://go.microsoft.com/fwlink/?LinkID=60401).
For example, to configure your PDC emulator to use the following list of fictional time servers:
Run the following command:
w32tm /config /manualpeerlist:”ntp1.fabrikam.com ntp.contoso.com time.fineartschool.net” /reliable:yes /update